Unable to get the email attribute using scope openid or /read-public

[Kaviya Ayyappan]

Hi,

I am trying to implement a Login with ORCID for our website user. I am using Oauth single sign-on plugin (Oauth client)- mini orange plugin. I created an ORCID account(visibility: everyone), then in the developer tool, I created a client id and password and provided it in the plugin. 

I use scope: openid with that I can get a few attributes kindly see the attachment of the attribute I am getting and am able to log in with the ORCID id. 

I want to have an email attribute of the user. I tried with scope /read-public but it shows #error-invalid scope in the URL.

Please guide me on what scope I need to use to get the email attribute of the user.

Thanks in advance,
Regards
Kaviya

[Fran Alsina]

Hi Kaviya,

The email address is not returned in the token exchange API response. 

In the token exchange process, you can collect the authenticated ORCID iD, access tokens and the user's name. All this data is the one considered essential to work with the API.

The email address can be obtained by doing a get /email call or a get /record call: 

https://github.com/ORCID/orcid-model/blob/master/src/main/resources/record_3.0/README.md#read-sections

However, getting an email address from ORCID records depends on the visibility settings: you will only be able to collect email addresses that are set with Public visibility settings. 

Researcher control is one of ORCID’s core principles, so we would like to highlight the fact that the visibility settings of an ORCID record will always be in control of the ORCID record holder.

Please, do not request your users to change their email visibility settings to Public. This is not part of our recommended practices and we encourage you not to do that. You can enable a form field so that users can enter their email addresses instead. 

I hope that this helps.

All best,